org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper の継承関係図

org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper 連携図

公開メンバ関数
List< ProviderConfigProperty >	getConfigProperties ()

String	getId ()

String []	getCompatibleProviders ()

String	getDisplayCategory ()

String	getDisplayType ()

void	importNewUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

void	updateBrokeredUser (KeycloakSession session, RealmModel realm, UserModel user, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

String	getHelpText ()

boolean	valueEquals (String desiredValue, Object value)

静的公開メンバ関数
static Object	getClaimValue (JsonWebToken token, String claim)

static Object	getClaimValue (IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

static Object	getClaimValue (BrokeredIdentityContext context, String claim)

静的公開変数類
static final String []	COMPATIBLE_PROVIDERS = {KeycloakOIDCIdentityProviderFactory.PROVIDER_ID}

static final String	PROVIDER_ID = "keycloak-oidc-role-to-role-idp-mapper"

static final String	CLAIM = "claim"

static final String	CLAIM_VALUE = "claim.value"

限定公開メンバ関数
boolean	hasClaimValue (IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

静的関数
	[static initializer]

非公開メンバ関数
RoleModel	hasRole (RealmModel realm, IdentityProviderMapperModel mapperModel, BrokeredIdentityContext context)

静的非公開変数類
static final List< ProviderConfigProperty >	configProperties = new ArrayList<ProviderConfigProperty>()

static final String	EXTERNAL_ROLE = "external.role"

詳解

著者: Bill Burke

バージョン

Revision: 1

関数詳解

◆ [static initializer]()

org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.[static initializer] ( )

inlinestaticpackage

◆ getClaimValue() [1/3]

static Object org.keycloak.broker.oidc.mappers.AbstractClaimMapper.getClaimValue	(	JsonWebToken	token,
		String	claim
	)

inlinestaticinherited

                                                                          {
         List<String> split = OIDCAttributeMapperHelper.splitClaimPath(claim);
         Map<String, Object> jsonObject = token.getOtherClaims();
         final int length = split.size();
         int i = 0;
         for (String component : split) {
             i++;
             if (i == length) {
                 return jsonObject.get(component);
             } else {
                 Object val = jsonObject.get(component);
                 if (!(val instanceof Map)) return null;
                 jsonObject = (Map<String, Object>)val;
             }
         }
         return null;
     }

◆ getClaimValue() [2/3]

static Object org.keycloak.broker.oidc.mappers.AbstractClaimMapper.getClaimValue	(	IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inlinestaticinherited

                                                                                                                  {
         String claim = mapperModel.getConfig().get(CLAIM);
         return getClaimValue(context, claim);
     }

◆ getClaimValue() [3/3]

static Object org.keycloak.broker.oidc.mappers.AbstractClaimMapper.getClaimValue	(	BrokeredIdentityContext	context,
		String	claim
	)

inlinestaticinherited

                                                                                       {
         {  // search access token
             JsonWebToken token = (JsonWebToken)context.getContextData().get(KeycloakOIDCIdentityProvider.VALIDATED_ACCESS_TOKEN);
             if (token != null) {
                 Object value = getClaimValue(token, claim);
                 if (value != null) return value;
             }
 
         }
         {  // search ID Token
             JsonWebToken token = (JsonWebToken)context.getContextData().get(KeycloakOIDCIdentityProvider.VALIDATED_ID_TOKEN);
             if (token != null) {
                 Object value = getClaimValue(token, claim);
                 if (value != null) return value;
             }
 
         }
         {
             // Search the OIDC UserInfo claim set (if any)
             JsonNode profileJsonNode = (JsonNode) context.getContextData().get(OIDCIdentityProvider.USER_INFO);
             Object value = AbstractJsonUserAttributeMapper.getJsonValue(profileJsonNode, claim);
             if (value != null) return value;
         }
         return null;
     }

◆ getCompatibleProviders()

String [] org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.getCompatibleProviders ( )

inline

                                              {
         return COMPATIBLE_PROVIDERS;
     }

◆ getConfigProperties()

List<ProviderConfigProperty> org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.getConfigProperties ( )

inline

                                                               {
         return configProperties;
     }

◆ getDisplayCategory()

String org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.getDisplayCategory ( )

inline

                                        {
         return "Role Importer";
     }

◆ getDisplayType()

String org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.getDisplayType ( )

inline

                                    {
         return "External Role to Role";
     }

◆ getHelpText()

String org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.getHelpText ( )

inline

                                 {
         return "Looks for an external role in a keycloak access token.  If external role exists, grant the user the specified realm or application role.";
     }

◆ getId()

String org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.getId ( )

inline

                           {
         return PROVIDER_ID;
     }

◆ hasClaimValue()

boolean org.keycloak.broker.oidc.mappers.AbstractClaimMapper.hasClaimValue	(	IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inlineprotectedinherited

                                                                                                               {
         Object value = getClaimValue(mapperModel, context);
         String desiredValue = mapperModel.getConfig().get(CLAIM_VALUE);
         return valueEquals(desiredValue, value);
     }

◆ hasRole()

RoleModel org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.hasRole	(	RealmModel	realm,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inlineprivate

                                                                                                                          {
         JsonWebToken token = (JsonWebToken)context.getContextData().get(KeycloakOIDCIdentityProvider.VALIDATED_ACCESS_TOKEN);
         //if (token == null) return;
         String roleName = mapperModel.getConfig().get(ConfigConstants.ROLE);
         String[] parseRole = KeycloakModelUtils.parseRole(mapperModel.getConfig().get(EXTERNAL_ROLE));
         String externalRoleName = parseRole[1];
         String claimName = null;
         if (parseRole[0] == null) {
             claimName = "realm_access.roles";
         } else {
             claimName = "resource_access." + parseRole[0] + ".roles";
         }
         Object claim = getClaimValue(token, claimName);
         if (valueEquals(externalRoleName, claim)) {
             RoleModel role = KeycloakModelUtils.getRoleFromString(realm, roleName);
             if (role == null) throw new IdentityBrokerException("Unable to find role: " + roleName);
             return role;
         }
         return null;
     }

◆ importNewUser()

void org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.importNewUser	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                    {
         RoleModel role = hasRole(realm, mapperModel, context);
         if (role != null) {
             user.grantRole(role);
         }
     }

◆ updateBrokeredUser()

void org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.updateBrokeredUser	(	KeycloakSession	session,
		RealmModel	realm,
		UserModel	user,
		IdentityProviderMapperModel	mapperModel,
		BrokeredIdentityContext	context
	)

inline

                                                                                                                                                                         {
         RoleModel role = hasRole(realm, mapperModel, context);
         if (role == null) {
             user.deleteRoleMapping(role);
         }
     }

◆ valueEquals()

boolean org.keycloak.broker.oidc.mappers.AbstractClaimMapper.valueEquals	(	String	desiredValue,
		Object	value
	)

inlineinherited

                                                                   {
         if (value instanceof String) {
             if (desiredValue.equals(value)) return true;
         } else if (value instanceof Double) {
             try {
                 if (Double.valueOf(desiredValue).equals(value)) return true;
             } catch (Exception e) {
 
             }
         } else if (value instanceof Integer) {
             try {
                 if (Integer.valueOf(desiredValue).equals(value)) return true;
             } catch (Exception e) {
 
             }
         } else if (value instanceof Boolean) {
             try {
                 if (Boolean.valueOf(desiredValue).equals(value)) return true;
             } catch (Exception e) {
 
             }
         } else if (value instanceof List) {
             List list = (List)value;
             for (Object val : list) {
                 if (valueEquals(desiredValue, val)) return true;
             }
         }
         return false;
     }

メンバ詳解

◆ CLAIM

final String org.keycloak.broker.oidc.mappers.AbstractClaimMapper.CLAIM = "claim"

staticinherited

◆ CLAIM_VALUE

final String org.keycloak.broker.oidc.mappers.AbstractClaimMapper.CLAIM_VALUE = "claim.value"

staticinherited

◆ COMPATIBLE_PROVIDERS

final String [] org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.COMPATIBLE_PROVIDERS = {KeycloakOIDCIdentityProviderFactory.PROVIDER_ID}

static

◆ configProperties

final List<ProviderConfigProperty> org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.configProperties = new ArrayList<ProviderConfigProperty>()

staticprivate

◆ EXTERNAL_ROLE

final String org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.EXTERNAL_ROLE = "external.role"

staticprivate

◆ PROVIDER_ID

final String org.keycloak.broker.oidc.mappers.ExternalKeycloakRoleToRoleMapper.PROVIDER_ID = "keycloak-oidc-role-to-role-idp-mapper"

static

このクラス詳解は次のファイルから抽出されました:

D:/AppData/doxygen/keycloak/rest-service/src/services/src/main/java/org/keycloak/broker/oidc/mappers/ExternalKeycloakRoleToRoleMapper.java

公開メンバ関数

静的公開メンバ関数

静的公開変数類

限定公開メンバ関数

静的関数

非公開メンバ関数

静的非公開変数類

詳解

関数詳解

◆ [static initializer]()

◆ getClaimValue() [1/3]

◆ getClaimValue() [2/3]

◆ getClaimValue() [3/3]

◆ getCompatibleProviders()

◆ getConfigProperties()

◆ getDisplayCategory()

◆ getDisplayType()

◆ getHelpText()

◆ getId()

◆ hasClaimValue()

◆ hasRole()

◆ importNewUser()

◆ updateBrokeredUser()

◆ valueEquals()

メンバ詳解

◆ CLAIM

◆ CLAIM_VALUE

◆ COMPATIBLE_PROVIDERS

◆ configProperties

◆ EXTERNAL_ROLE

◆ PROVIDER_ID